2018-12-24 17:45:15 +00:00
|
|
|
/*
|
2019-05-12 20:55:30 +00:00
|
|
|
* Copyright © 2018-2019 A Bunch Tell LLC.
|
2018-12-24 17:45:15 +00:00
|
|
|
*
|
|
|
|
* This file is part of WriteFreely.
|
|
|
|
*
|
|
|
|
* WriteFreely is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, included
|
|
|
|
* in the LICENSE file in this source code package.
|
|
|
|
*/
|
2018-12-31 06:05:26 +00:00
|
|
|
|
2018-10-15 18:44:15 +00:00
|
|
|
package writefreely
|
|
|
|
|
|
|
|
import (
|
2018-11-11 22:52:24 +00:00
|
|
|
"github.com/writeas/web-core/log"
|
2019-06-13 14:14:35 +00:00
|
|
|
"github.com/writeas/writefreely/key"
|
2018-10-15 18:44:15 +00:00
|
|
|
"io/ioutil"
|
2018-11-11 22:52:24 +00:00
|
|
|
"os"
|
2018-11-11 22:16:05 +00:00
|
|
|
"path/filepath"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
keysDir = "keys"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
emailKeyPath = filepath.Join(keysDir, "email.aes256")
|
|
|
|
cookieAuthKeyPath = filepath.Join(keysDir, "cookies_auth.aes256")
|
|
|
|
cookieKeyPath = filepath.Join(keysDir, "cookies_enc.aes256")
|
2018-10-15 18:44:15 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
2019-05-12 20:55:30 +00:00
|
|
|
func initKeyPaths(app *App) {
|
2019-01-20 19:18:09 +00:00
|
|
|
emailKeyPath = filepath.Join(app.cfg.Server.KeysParentDir, emailKeyPath)
|
|
|
|
cookieAuthKeyPath = filepath.Join(app.cfg.Server.KeysParentDir, cookieAuthKeyPath)
|
|
|
|
cookieKeyPath = filepath.Join(app.cfg.Server.KeysParentDir, cookieKeyPath)
|
|
|
|
}
|
|
|
|
|
2019-05-12 20:55:30 +00:00
|
|
|
func initKeys(app *App) error {
|
2018-10-15 18:44:15 +00:00
|
|
|
var err error
|
2019-06-13 14:14:35 +00:00
|
|
|
app.keys = &key.Keychain{}
|
2018-10-15 18:44:15 +00:00
|
|
|
|
2019-01-18 23:57:04 +00:00
|
|
|
if debugging {
|
|
|
|
log.Info(" %s", emailKeyPath)
|
|
|
|
}
|
2019-06-13 14:14:35 +00:00
|
|
|
app.keys.EmailKey, err = ioutil.ReadFile(emailKeyPath)
|
2018-10-17 00:30:38 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-01-18 23:57:04 +00:00
|
|
|
if debugging {
|
|
|
|
log.Info(" %s", cookieAuthKeyPath)
|
|
|
|
}
|
2019-06-13 14:14:35 +00:00
|
|
|
app.keys.CookieAuthKey, err = ioutil.ReadFile(cookieAuthKeyPath)
|
2018-10-15 18:44:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-01-18 23:57:04 +00:00
|
|
|
if debugging {
|
|
|
|
log.Info(" %s", cookieKeyPath)
|
|
|
|
}
|
2019-06-13 14:14:35 +00:00
|
|
|
app.keys.CookieKey, err = ioutil.ReadFile(cookieKeyPath)
|
2018-10-15 18:44:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2018-11-11 22:52:24 +00:00
|
|
|
|
|
|
|
// generateKey generates a key at the given path used for the encryption of
|
|
|
|
// certain user data. Because user data becomes unrecoverable without these
|
|
|
|
// keys, this won't overwrite any existing key, and instead outputs a message.
|
|
|
|
func generateKey(path string) error {
|
|
|
|
// Check if key file exists
|
2019-01-20 18:43:06 +00:00
|
|
|
if _, err := os.Stat(path); err == nil {
|
2018-11-11 22:52:24 +00:00
|
|
|
log.Info("%s already exists. rm the file if you understand the consquences.", path)
|
|
|
|
return nil
|
2019-01-20 18:43:06 +00:00
|
|
|
} else if !os.IsNotExist(err) {
|
|
|
|
log.Error("%s", err)
|
|
|
|
return err
|
2018-11-11 22:52:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
log.Info("Generating %s.", path)
|
2019-06-13 14:14:35 +00:00
|
|
|
b, err := key.GenerateBytes(key.EncKeysBytes)
|
2018-11-11 22:52:24 +00:00
|
|
|
if err != nil {
|
|
|
|
log.Error("FAILED. %s. Run writefreely --gen-keys again.", err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
err = ioutil.WriteFile(path, b, 0600)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("FAILED writing file: %s", err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
log.Info("Success.")
|
|
|
|
return nil
|
|
|
|
}
|